Information Security SOC Analyst (24/7)

ABOUT THE PROJECT: 

The SOC (Security Operations Center) provides 24/7 security operations monitoring and support for BTC customers and subsidiaries. We provide comprehensive solutions for main players in German Energy Sector, where your collaboration will help to protect systems that impact millions of people. You can expect that taking up the offer for this position will boost your technical, architectural and system skill.

We require specific expertise in the field related to the job description, your collaboration and participation in many activities within our security projects. Proactive approach and motivation to help drive change and advancement are necessary. To fully take advantage of this opportunity you will need to have an already developed baseline and be familiar with multiple aspects of general IT and Security standards.

You can expect to interact frequently with other members of the Security department and the IT technical teams along with the IT Operations and Engineering teams.

Our main tech stack tools:

• ELASTIC

• ATLASSIAN (Jira,Confluence)

• M365 (Defenders, Sentinel etc.)

• Trellix Endpoint Security

• Fortigate

• Qualys

• Omnitracker

• Citrix/VMware

YOUR RESPONSIBILITIES:

• Conducting proactive monitoring, investigations, and mitigation of security events.

• Analysing security event data from SIEM, Dashboards, log sources etc.

• Spending time to understand the environment you are responsible for and engaging with various teams to gain further knowledge of the environment(s).

• Recognizing potential, successful, and unsuccessful intrusion attempts through review and analysis of relevant event data.

• Research new and evolving threats with potential impact to the monitored environment.

• Triage, investigating, and escalating alerts as they occur in Windows and Linux environments.

• Pulling data from multiple sources, including endpoint protection and response, internal data feeds, threat intelligence, and advanced phishing protection.

• Working with our internal security teams to share knowledge, training, and best practices.

• Receiving internal and external training on technologies you will be monitoring, incident response and other technical security topics.

• Recommending changes to standard operating procedures and similar documentation.

• Responding to computer security incidents by collecting, analysing, and preserving digital evidence and ensuring that incidents are properly recorded and tracked in accordance with SOC requirements.

• Analysing new alerts generated by correlation or alerting tools, as well as other external alert sources and provide feedback and assessment for potential refinement.

• Reviewing SOC dashboards for anomalous activities.

• Analysing complex/unusual incidents and ensuring to provide correct escalation paths.

OUR REQUIREMENTS:

• Minimum 4 years of experience in the field of Information Systems or IT security-related functions.

• Solid understanding of network and computer security, security testing, software security.

• Knowledge of networks, firewalls, and operating systems.

• Ability to provide technical advice, guidance, and recommendations to management and other technical specialists on critical information concerning security issues.

• Strong analytical skills and ability to collect and interpret data from various sources.

• Experience in detecting and responding to cybersecurity incidents.

• 2+ years of experience in monitoring and analyzing security events and incidents within an organization's IT infrastructure.

• Experience with SIEM systems, big data, SOAR platforms and automation processes.

• Background in IT/Systems, especially in cloud providers (AWS, GCP, Azure).

• Extensive knowledge of current security threats, techniques, and landscape.

• Dedication and self-driven desire for research and learning more about the information security landscape and incident response.

• Experience with Windows & *nix platforms.

• Scripting skillset (Bash, Python, PowerShell) will be considered a plus.

• Strong analytical and critical observation skills.

• Will to follow SOC (Security Operations Center) processes and procedures while maintaining the flexibility to “think outside the box.”

• Strong written and verbal communication skills.

• Collaborative and team focus.

• Ability to categorize & prioritize tasks.

WHAT WE OFFER:

• Opportunities for development and continuous improvement of professional qualifications.

• Participation in projects in an international environment.

• Access to the newest technologies.

• Competitive salary.

• Language courses.

• Sharing the cost of sport activities.

• Private medical care with the possibility of extending it to family members.

• Nice working atmosphere in friendly and modern environment.